package com.hhxy.expression;

import com.hhxy.domain.LoginUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;

/**
 * @author ghp
 * @date 2023/3/12
 * @title 自定义表达式根
 * @description 用于自定义权限校验方法
 */
@Component("ex")
public class CustomExpressionRoot {

    /**
     * 自定义一个权限校验方法，判断当前用户是否含有该权限
     * @param authority 需要的权限
     * @return
     */
    public boolean hasAuthority(String authority){
        // 获取当前用户的权限
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        List<String> permissions = loginUser.getPermissions();
        // 判断用户权限集合是否含有该权限
        return permissions.contains(authority);
    }
}
